mirrors/khuedoan-homelab
1
0
Fork 0
mirror of https://github.com/khuedoan/homelab.git synced 2025-01-07 05:51:17 +07:00
Code Issues Packages Projects Releases Wiki Activity

Update lxd profile

Browse Source
This commit is contained in:
Khue Doan 2021-02-13 16:31:30 +07:00
parent a4821862c5
commit 4da172ba4c
1 changed files with 12 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
infra/lxd/cluster.tf
View File

@ -5,11 +5,18 @@ resource "lxd_container" "k8s" {
ephemeral = false
config = {
"security.privileged" = true
"security.nesting" = true
"linux.kernel_modules" = "ip_tables,ip6_tables,nf_nat,overlay,br_netfilter"
"raw.lxc" = "lxc.apparmor.profile=unconfined\nlxc.cap.drop= \nlxc.cgroup.devices.allow=a\nlxc.mount.auto=proc:rw sys:rw cgroup:rw"
"user.user-data" = <<-EOT
security.privileged = true
security.nesting = true
limits.memory.swap = false
limits.cpus = 1
linux.kernel_modules = "ip_tables,ip6_tables,nf_nat,overlay,br_netfilter"
raw.lxc = <<-EOT
lxc.apparmor.profile=unconfined
lxc.cap.drop=
lxc.cgroup.devices.allow=a
lxc.mount.auto=proc:rw sys:rw
EOT
user.user-data = <<-EOT
#cloud-config
ssh_authorized_keys:
- ${file("~/.ssh/id_rsa.pub")}